RBS fined £56m over 2012 IT failures that left 6.5 million customers unable to access their accounts

RBS has been fined £42m by the Financial Conduct Authority and £14m by the Prudential Regulation Authority

Share

Get business updates directly to your inbox

Thank you for subscribing!

Could not subscribe, try again laterInvalid Email

Fines adding up to £56m have been imposed on Royal Bank of Scotland as a consequence of the failures in its IT systems which left customers unable to access their accounts in the summer of 2012.

The bank has already had to pay out more than £70m in compensation to customers in the UK.

Up to 6.5 million customers were affected by the IT failures according to the Financial Conduct Authority, which has fined RBS £42m.

The Bank of England’s Prudential Regulation Authority has issued a separate penalty of £14m in relation to the bank’s inadequate systems.

Over the course of several weeks, some customers could not use online banking facilities or obtain accurate account balances from ATMs.

They were also unable to make mortgage payments on time and customers were left without cash in foreign countries. Among other problems, the banks applied incorrect credit and debit interest to customers’ accounts and produced inaccurate bank statements.

The issues in June 2012 stemmed from a botched upgrade to the software that processed updates to customers’ accounts overnight.

When it noticed problems with the upgrade the FCA said the bank’s central IT function decided to uninstall it without first testing the consequences of that action.

Tracey McDermott, the FCA’s director of enforcement and financial crime, said there were “failures at many levels” to identify and manage the risks stemming from such an incident.

She added: “Modern banking depends on effective, reliable and resilient IT systems. The banks’ failures meant millions of customers were unable to carry out the banking transactions which keep businesses and people’s everyday lives moving.”

The failures have already resulted in RBS’s Ulster Bank receiving a record fine of almost £2.75m from the Central Bank of Ireland.

RBS chairman Sir Philip Hampton said: “Our IT failure in the summer of 2012 revealed unacceptable weaknesses in our systems and caused significant stress for many of our customers.

“As I did back then, I again want to apologise to all customers in the UK and Ireland that we let down two and a half years ago.”

Sir Philip said the bank has since spent hundreds of millions of pounds on increasing the resilience of its IT systems.

RBS said 16 staff forfeited pay and bonuses worth around £6m as a result of the incident, including the previously disclosed decision by former RBS chief executive Stephen Hester and Ulster Bank boss Jim Brown to waive any bonus that might have been awarded to them in 2012.

It is the first penalty imposed by the PRA since it was formed in April 2013.

The regulator said the incident began on June 18 and directly affected at least 6.5 million customers in the UK, 92% of whom were retail customers.

Disruption to the majority of RBS and NatWest systems lasted until June 26 and in the case of Ulster Bank systems until July 10. Disruptions to other systems continued into July.

The regulator said the IT incident could have threatened the safety and soundness of the banks and also had the potential to impact on the stability of the wider financial system.

Bank of England deputy governor Andrew Bailey said: “The severe disruption experienced by RBS, NatWest and Ulster Bank in June and July 2012 revealed a very poor legacy of IT resilience and inadequate management of IT risks.

“It is crucial that RBS, Natwest and Ulster Bank fix the underlying problems that have been identified to avoid threatening the safety and soundness of the banks.”

Which? executive director Richard Lloyd said the Treasury should spend the fines on improving financial education for young people, so that the next generation of consumers are better equipped to hold banks to account.

He added: “With record low levels of confidence in banking, regulators must continue to take tougher action to ensure the basics of customer service are improved, access to essential bank services is maintained in every community, and full compensation given to anyone affected by failings.”